Due Diligence and Ongoing Monitoring

  • 1.  Insurance due diligence

    This message was posted by a user wishing to remain anonymous
    Posted 11-25-2020 11:58 AM

    Hello,

    I'm wondering how everyone handles their insurance due diligence task.  Do you only review insurance during regular reviews or do you request and update coverages as the insurance expires?

    Thank you!


  • 2.  RE: Insurance due diligence

    Posted 11-25-2020 02:32 PM
    Along with reviewing the coverages during the initial onboarding, with key vendors we add contractual language to request they provide a Certificate of Insurance annually.


  • 3.  RE: Insurance due diligence

    Posted 12-07-2020 10:41 AM
    We review as part of our annual review, not when COIs expire.  My preference is to link the annual review to the approximate date I expect the next SOC review to be available versus when the COI expires.  In the absence of a SOC review, I try to link the annual review to the date the most recent annual financials are available if the fiscal year is other than calendar.


  • 4.  RE: Insurance due diligence

    This message was posted by a user wishing to remain anonymous
    Posted 02-03-2021 06:10 PM

    Hi Michelle,

    What type of review do you do on the COI itself?  Is this review completed by TPRM or vendor relationship manager?


  • 5.  RE: Insurance due diligence

    Posted 02-04-2021 08:19 AM
    We have all aspects of the due diligence review, including COI review, done within vendor management.  I look to make sure the expected normal-course-of-business insurance is in place (workers' comp, etc.), take a look at the limits, and look for additional insurance coverage like cyber.  We don't have insurance minimums in place but are looking at adding a contractual requirement to have cyber insurance for critical vendors with high data confidentiality risks, as I believe this is a best practice.